{"id":61581,"date":"2023-12-08T20:25:38","date_gmt":"2023-12-08T11:25:38","guid":{"rendered":"https:\/\/monolith.law\/cs\/?p=61581"},"modified":"2024-03-29T15:53:41","modified_gmt":"2024-03-29T06:53:41","slug":"capcom-information-leakage-crisis-management","status":"publish","type":"post","link":"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management","title":{"rendered":"Nau\u010dte se z \u00faniku informac\u00ed spole\u010dnosti Capcom: Krizov\u00fd management a role pr\u00e1vn\u00edka"},"content":{"rendered":"\n<p>Informa\u010dn\u00ed \u00fanik spole\u010dnosti Capcom, kter\u00fd se stal v listopadu 2020 (v roce Reiwa 2), byl zp\u016fsoben ransomwarem na zak\u00e1zku a mohlo doj\u00edt k \u00faniku a\u017e 390 000 osobn\u00edch \u00fadaj\u016f.<\/p>\n\n\n\n<p>Samoz\u0159ejm\u011b je lep\u0161\u00ed, kdy\u017e incidenty nenastanou, a je d\u016fle\u017eit\u00e9 vytvo\u0159it syst\u00e9m, kter\u00fd je zabr\u00e1n\u00ed. Nicm\u00e9n\u011b, bez ohledu na to, jak\u00fd syst\u00e9m je zaveden, je nemo\u017en\u00e9 \u00fapln\u011b eliminovat pravd\u011bpodobnost jejich v\u00fdskytu.<\/p>\n\n\n\n<p>Pokud by se takov\u00fd incident p\u0159eci jen stal, jak\u00e9 opat\u0159en\u00ed a vy\u0161et\u0159ov\u00e1n\u00ed by m\u011blo b\u00fdt provedeno ihned po n\u011bm, kdy a jak by m\u011blo b\u00fdt ozn\u00e1meno?<\/p>\n\n\n\n<p>V tomto \u010dl\u00e1nku se z hlediska krizov\u00e9ho \u0159\u00edzen\u00ed p\u0159i incidentech spojen\u00fdch s \u00fanikem osobn\u00edch \u00fadaj\u016f zp\u016fsoben\u00fdch malwarem pod\u00edv\u00e1me na informa\u010dn\u00ed \u00fanik spole\u010dnosti Capcom a vysv\u011btl\u00edme jej v chronologick\u00e9m po\u0159ad\u00ed, abychom se pou\u010dili z jejich reakce a pochopili, jak by m\u011bl vypadat spr\u00e1vn\u00fd syst\u00e9m krizov\u00e9ho \u0159\u00edzen\u00ed.<\/p>\n\n\n\n<p class=\"has-very-light-gray-background-color has-background\">\u203bAdvok\u00e1ti jsou povinni dodr\u017eovat vysokou \u00farove\u0148 d\u016fv\u011brnosti v p\u0159\u00edpadech, na kter\u00fdch se skute\u010dn\u011b pod\u00edleli jako advok\u00e1ti. Tento \u010dl\u00e1nek je zalo\u017een na informac\u00edch, kter\u00e9 jsou ve\u0159ejn\u011b dostupn\u00e9 o p\u0159\u00edpadech, do kter\u00fdch na\u0161e kancel\u00e1\u0159 nebyla zapojena, a vyjad\u0159uje n\u00e1zor advok\u00e1ta.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_53 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Odhaleni_incidentu_a_pocatecni_reakce\" title=\"Odhalen\u00ed incidentu a po\u010d\u00e1te\u010dn\u00ed reakce\">Odhalen\u00ed incidentu a po\u010d\u00e1te\u010dn\u00ed reakce<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Rizeni_krizove_komunikace_pred_odhalenim_uniku_informaci\" title=\"\u0158\u00edzen\u00ed krizov\u00e9 komunikace p\u0159ed odhalen\u00edm \u00faniku informac\u00ed\">\u0158\u00edzen\u00ed krizov\u00e9 komunikace p\u0159ed odhalen\u00edm \u00faniku informac\u00ed<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Tiskova_zprava_po_odhaleni_uniku_informaci\" title=\"Tiskov\u00e1 zpr\u00e1va po odhalen\u00ed \u00faniku informac\u00ed\">Tiskov\u00e1 zpr\u00e1va po odhalen\u00ed \u00faniku informac\u00ed<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Pocet_pripadu_mozneho_uniku_osobnich_udaju_atd\" title=\"Po\u010det p\u0159\u00edpad\u016f mo\u017en\u00e9ho \u00faniku osobn\u00edch \u00fadaj\u016f atd.\">Po\u010det p\u0159\u00edpad\u016f mo\u017en\u00e9ho \u00faniku osobn\u00edch \u00fadaj\u016f atd.<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Pritomnost_a_reakce_na_unik_informaci_o_kreditnich_kartach\" title=\"P\u0159\u00edtomnost a reakce na \u00fanik informac\u00ed o kreditn\u00edch kart\u00e1ch\">P\u0159\u00edtomnost a reakce na \u00fanik informac\u00ed o kreditn\u00edch kart\u00e1ch<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Rady_a_pokyny_od_externich_pravniku_atd\" title=\"Rady a pokyny od extern\u00edch pr\u00e1vn\u00edk\u016f atd.\">Rady a pokyny od extern\u00edch pr\u00e1vn\u00edk\u016f atd.<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Unik_osobnich_udaju_a_krizovy_management\" title=\"\u00danik osobn\u00edch \u00fadaj\u016f a krizov\u00fd management\">\u00danik osobn\u00edch \u00fadaj\u016f a krizov\u00fd management<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Moznost_uniku_informaci_o_uchazecich_o_zamestnani\" title=\"Mo\u017enost \u00faniku informac\u00ed o uchaze\u010d\u00edch o zam\u011bstn\u00e1n\u00ed\">Mo\u017enost \u00faniku informac\u00ed o uchaze\u010d\u00edch o zam\u011bstn\u00e1n\u00ed<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Zahajeni_Bezpecnostniho_dozorciho_vyboru_vcetne_pravniku\" title=\"Zah\u00e1jen\u00ed Bezpe\u010dnostn\u00edho dozor\u010d\u00edho v\u00fdboru v\u010detn\u011b pr\u00e1vn\u00edk\u016f\">Zah\u00e1jen\u00ed Bezpe\u010dnostn\u00edho dozor\u010d\u00edho v\u00fdboru v\u010detn\u011b pr\u00e1vn\u00edk\u016f<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Zverejneni_treti_tiskove_zpravy\" title=\"Zve\u0159ejn\u011bn\u00ed t\u0159et\u00ed tiskov\u00e9 zpr\u00e1vy\">Zve\u0159ejn\u011bn\u00ed t\u0159et\u00ed tiskov\u00e9 zpr\u00e1vy<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#O_moznosti_uniku_osobnich_udaju_uchazecu_o_zamestnani\" title=\"O mo\u017enosti \u00faniku osobn\u00edch \u00fadaj\u016f uchaze\u010d\u016f o zam\u011bstn\u00e1n\u00ed\">O mo\u017enosti \u00faniku osobn\u00edch \u00fadaj\u016f uchaze\u010d\u016f o zam\u011bstn\u00e1n\u00ed<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Krizova_komunikace_na_zaklade_vysledku_pruzkumu\" title=\"Krizov\u00e1 komunikace na z\u00e1klad\u011b v\u00fdsledk\u016f pr\u016fzkumu\">Krizov\u00e1 komunikace na z\u00e1klad\u011b v\u00fdsledk\u016f pr\u016fzkumu<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Publikace_ctvrte_tiskove_zpravy\" title=\"Publikace \u010dtvrt\u00e9 tiskov\u00e9 zpr\u00e1vy\">Publikace \u010dtvrt\u00e9 tiskov\u00e9 zpr\u00e1vy<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Zpravy_a_reakce_na_vykupne\" title=\"Zpr\u00e1vy a reakce na v\u00fdkupn\u00e9\">Zpr\u00e1vy a reakce na v\u00fdkupn\u00e9<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Vydani_na_souvisejicich_webovych_strankach_atd\" title=\"Vyd\u00e1n\u00ed na souvisej\u00edc\u00edch webov\u00fdch str\u00e1nk\u00e1ch atd.\">Vyd\u00e1n\u00ed na souvisej\u00edc\u00edch webov\u00fdch str\u00e1nk\u00e1ch atd.<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/monolith.law\/cs\/general-corporate\/capcom-information-leakage-crisis-management\/#Shrnuti\" title=\"Shrnut\u00ed\">Shrnut\u00ed<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Odhaleni_incidentu_a_pocatecni_reakce\"><\/span>Odhalen\u00ed incidentu a po\u010d\u00e1te\u010dn\u00ed reakce<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Incident byl potvrzen 2. listopadu 2020.<\/p>\n\n\n\n<p>V t\u00e9to dob\u011b byly zji\u0161t\u011bny probl\u00e9my s p\u0159ipojen\u00edm k intern\u00edmu syst\u00e9mu, byla provedena izolace syst\u00e9mu a za\u010dalo se s hodnocen\u00edm \u0161kod.<\/p>\n\n\n\n<p>Je\u0161t\u011b tent\u00fd\u017e den bylo zji\u0161t\u011bno, \u017ee p\u0159\u00ed\u010dinou probl\u00e9mu je \u0161ifrov\u00e1n\u00ed soubor\u016f na za\u0159\u00edzen\u00edch v s\u00edti zp\u016fsoben\u00e9 \u00fatokem ransomwaru.<\/p>\n\n\n\n<p>Na po\u0161kozen\u00fdch termin\u00e1lech byla objevena v\u00fdhru\u017en\u00e1 zpr\u00e1va od skupiny naz\u00fdvaj\u00edc\u00ed se &#8220;Ragnar Locker&#8221;.<\/p>\n\n\n\n<p>Capcom v t\u00e9to dob\u011b podal zpr\u00e1vu prefektu\u0159e \u00d3saka a po\u017e\u00e1dal extern\u00ed spole\u010dnosti o pomoc s obnovou.<\/p>\n\n\n\n<p>P\u0159i vzniku incidentu je samoz\u0159ejm\u011b nezbytn\u00e9 pro pokra\u010dov\u00e1n\u00ed podnik\u00e1n\u00ed sp\u011bchat s obnovou syst\u00e9mu. Nicm\u00e9n\u011b, pokud je potvrzen \u00fatok ransomwarem, je velmi pravd\u011bpodobn\u00e9, \u017ee se jedn\u00e1 o takzvan\u00fd neleg\u00e1ln\u00ed p\u0159\u00edstup, kter\u00fd je zak\u00e1z\u00e1n z\u00e1konem o z\u00e1kazu neleg\u00e1ln\u00edho p\u0159\u00edstupu (japonsk\u00fd z\u00e1kon o z\u00e1kazu neopr\u00e1vn\u011bn\u00e9ho p\u0159\u00edstupu).<\/p>\n\n\n\n<p>Je d\u016fle\u017eit\u00e9 rychle podat zpr\u00e1vu policii, je\u0161t\u011b p\u0159edt\u00edm, ne\u017e je potvrzen \u00fanik d\u016fv\u011brn\u00fdch informac\u00ed v\u010detn\u011b osobn\u00edch \u00fadaj\u016f a ne\u017e je identifikov\u00e1na cesta naru\u0161en\u00ed.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Rizeni_krizove_komunikace_pred_odhalenim_uniku_informaci\"><\/span>\u0158\u00edzen\u00ed krizov\u00e9 komunikace p\u0159ed odhalen\u00edm \u00faniku informac\u00ed<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/05\/capcom-information-leakage-crisis-management1.jpg\" alt=\"\" class=\"wp-image-33052\" \/><\/figure>\n\n\n\n<p>A n\u00e1sleduj\u00edc\u00ed den po vzniku, 4. listopadu, Capcom vydal svou prvn\u00ed tiskovou zpr\u00e1vu s n\u00e1zvem &#8220;Ozn\u00e1men\u00ed o v\u00fdskytu syst\u00e9mov\u00e9 poruchy zp\u016fsoben\u00e9 neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem&#8221;.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Ohledn\u011b t\u00e9to poruchy potvrzujeme, \u017ee do\u0161lo k neopr\u00e1vn\u011bn\u00e9mu p\u0159\u00edstupu ze strany t\u0159et\u00ed strany, a od tohoto dne jsme \u010d\u00e1ste\u010dn\u011b pozastavili provoz na\u0161\u00ed intern\u00ed s\u00edt\u011b. Omlouv\u00e1me se v\u0161em z\u00fa\u010dastn\u011bn\u00fdm za zna\u010dn\u00e9 nep\u0159\u00edjemnosti, kter\u00e9 to zp\u016fsobilo. Krom\u011b toho, v sou\u010dasn\u00e9 dob\u011b nebyl potvrzen \u017e\u00e1dn\u00fd \u00fanik informac\u00ed z\u00e1kazn\u00edk\u016f atd.<\/p>\n\n\n\n<p><\/p>\n<cite><a href=\"https:\/\/www.capcom.co.jp\/ir\/news\/html\/201104.html\" target=\"_blank\" rel=\"noreferrer noopener\">Ozn\u00e1men\u00ed o v\u00fdskytu syst\u00e9mov\u00e9 poruchy zp\u016fsoben\u00e9 neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem [ja]<\/a><\/cite><\/blockquote>\n\n\n\n<p>V tomto okam\u017eiku se jedn\u00e1 pouze o &#8220;v\u00fdskyt syst\u00e9mov\u00e9 poruchy&#8221; zp\u016fsoben\u00fd &#8220;neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem&#8221;, a \u00fanik informac\u00ed je\u0161t\u011b nebyl odhalen.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Tiskova_zprava_po_odhaleni_uniku_informaci\"><\/span>Tiskov\u00e1 zpr\u00e1va po odhalen\u00ed \u00faniku informac\u00ed<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pocet_pripadu_mozneho_uniku_osobnich_udaju_atd\"><\/span>Po\u010det p\u0159\u00edpad\u016f mo\u017en\u00e9ho \u00faniku osobn\u00edch \u00fadaj\u016f atd.<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>\u00danik informac\u00ed byl odhalen 12. listopadu.<\/p>\n\n\n\n<p>Bylo potvrzeno, \u017ee do\u0161lo k \u00faniku dev\u00edti osobn\u00edch \u00fadaj\u016f a n\u011bkter\u00fdch firemn\u00edch informac\u00ed.<\/p>\n\n\n\n<p>N\u00e1sleduj\u00edc\u00ed den se Capcom obr\u00e1til na p\u0159edn\u00ed bezpe\u010dnostn\u00ed firmu s \u017e\u00e1dost\u00ed o vy\u0161et\u0159en\u00ed p\u0159\u00ed\u010din a 16. listopadu zve\u0159ejnil tiskovou zpr\u00e1vu potvrzuj\u00edc\u00ed \u00fanik informac\u00ed.<\/p>\n\n\n\n<p>V tomto okam\u017eiku byly rozli\u0161eny:<\/p>\n\n\n\n<ul>\n<li>informace, u kter\u00fdch byl potvrzen \u00fanik<\/li>\n\n\n\n<li>informace, u kter\u00fdch m\u016f\u017ee doj\u00edt k \u00faniku<\/li>\n<\/ul>\n\n\n\n<p>A pro ka\u017edou z nich byly rozli\u0161eny:<\/p>\n\n\n\n<ul>\n<li>osobn\u00ed \u00fadaje (z\u00e1kazn\u00edci, obchodn\u00ed partne\u0159i atd.)<\/li>\n\n\n\n<li>osobn\u00ed \u00fadaje (zam\u011bstnanci a dal\u0161\u00ed z\u00fa\u010dastn\u011bn\u00e9 strany)<\/li>\n\n\n\n<li>firemn\u00ed informace (informace o tr\u017eb\u00e1ch, informace o obchodn\u00edch partnerech, obchodn\u00ed dokumenty, v\u00fdvojov\u00e9 dokumenty atd.)<\/li>\n<\/ul>\n\n\n\n<p>A byl uveden p\u0159ibli\u017en\u00fd po\u010det p\u0159\u00edpad\u016f.<\/p>\n\n\n\n<p>V tomto okam\u017eiku bylo zve\u0159ejn\u011bno, \u017ee &#8220;existuje mo\u017enost \u00faniku a\u017e 350 000 z\u00e1kaznick\u00fdch osobn\u00edch \u00fadaj\u016f&#8221;.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pritomnost_a_reakce_na_unik_informaci_o_kreditnich_kartach\"><\/span>P\u0159\u00edtomnost a reakce na \u00fanik informac\u00ed o kreditn\u00edch kart\u00e1ch<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Z\u00e1rove\u0148 bylo uvedeno:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Upozor\u0148ujeme, \u017ee ve\u0161ker\u00e9 platby v r\u00e1mci na\u0161eho internetov\u00e9ho prodeje jsou outsourcov\u00e1ny, tak\u017ee neuchov\u00e1v\u00e1me informace o kreditn\u00edch kart\u00e1ch a nedo\u0161lo k \u017e\u00e1dn\u00e9mu \u00faniku informac\u00ed o kreditn\u00edch kart\u00e1ch.<\/p>\n<cite><a href=\"https:\/\/www.capcom.co.jp\/ir\/news\/html\/201116.html\" target=\"_blank\" rel=\"noreferrer noopener\">Ozn\u00e1men\u00ed a omluva za \u00fanik informac\u00ed zp\u016fsoben\u00fd neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem[ja]<\/a> <\/cite><\/blockquote>\n\n\n\n<p>A d\u00e1le byly zve\u0159ejn\u011bny informace o:<\/p>\n\n\n\n<ul>\n<li>reakci na osoby, u kter\u00fdch byl potvrzen \u00fanik osobn\u00edch \u00fadaj\u016f a osoby, u kter\u00fdch k tomu m\u016f\u017ee doj\u00edt<\/li>\n\n\n\n<li>pr\u016fb\u011bhu odhalen\u00ed a reakce<\/li>\n\n\n\n<li>budouc\u00edch kroc\u00edch<\/li>\n<\/ul>\n\n\n\n<p>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Rady_a_pokyny_od_externich_pravniku_atd\"><\/span>Rady a pokyny od extern\u00edch pr\u00e1vn\u00edk\u016f atd.<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>V tiskov\u00e9 zpr\u00e1v\u011b bylo tak\u00e9 uvedeno:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Informovali jsme p\u0159edn\u00ed softwarovou spole\u010dnost, p\u0159edn\u00ed bezpe\u010dnostn\u00ed specialisty a extern\u00ed pr\u00e1vn\u00edky se znalostmi kybernetick\u00e9 bezpe\u010dnosti o situaci a z\u00edskali jsme jejich rady a pokyny. Za\u010dali jsme kontaktovat osoby, u kter\u00fdch byl potvrzen \u00fanik informac\u00ed, a z\u00fa\u010dastn\u011bn\u00e9 strany a budeme pokra\u010dovat v pro\u0161et\u0159ov\u00e1n\u00ed informac\u00ed, kter\u00e9 mohly b\u00fdt odcizeny.<\/p>\n<cite><a href=\"https:\/\/www.capcom.co.jp\/ir\/news\/html\/201116.html\" target=\"_blank\" rel=\"noreferrer noopener\">Ozn\u00e1men\u00ed a omluva za \u00fanik informac\u00ed zp\u016fsoben\u00fd neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem[ja]<\/a> <\/cite><\/blockquote>\n\n\n\n<p>.<\/p>\n\n\n\n<p>D\u00e1le byly z\u0159\u00edzeny kontaktn\u00ed m\u00edsta pro dotazy t\u00fdkaj\u00edc\u00ed se osobn\u00edch \u00fadaj\u016f a &#8220;Kontaktn\u00ed m\u00edsto pro dotazy t\u00fdkaj\u00edc\u00ed se \u00faniku informac\u00ed Capcom&#8221;, a to &#8220;Kontaktn\u00ed m\u00edsto pro dotazy od hr\u00e1\u010d\u016f her&#8221; a &#8220;V\u0161eobecn\u00e9 kontaktn\u00ed m\u00edsto&#8221;, ob\u011b s bezplatn\u00fdm telefonn\u00edm \u010d\u00edslem.<\/p>\n\n\n\n<p>A od okam\u017eiku, kdy byl odhalen \u00fanik alespo\u0148 n\u011bkter\u00fdch informac\u00ed, trvalo \u010dty\u0159i dny, ne\u017e byla zve\u0159ejn\u011bna tiskov\u00e1 zpr\u00e1va o \u00faniku informac\u00ed.<\/p>\n\n\n\n<p>Je pravd\u011bpodobn\u00e9, \u017ee tento \u010das byl nezbytn\u00fd pro proveden\u00ed ur\u010dit\u00e9ho stupn\u011b podrobn\u00e9ho ov\u011b\u0159en\u00ed informac\u00ed a rozhodov\u00e1n\u00ed o budouc\u00edch kroc\u00edch.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Unik_osobnich_udaju_a_krizovy_management\"><\/span>\u00danik osobn\u00edch \u00fadaj\u016f a krizov\u00fd management<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Na rozd\u00edl od prvn\u00ed zpr\u00e1vy o &#8220;syst\u00e9mov\u00e9 poru\u0161e&#8221;, druh\u00e1 zpr\u00e1va, kter\u00e1 uv\u00e1d\u00ed, \u017ee &#8220;mohlo doj\u00edt k \u00faniku a\u017e 350 000 z\u00e1znam\u016f o osobn\u00edch \u00fadaj\u00edch z\u00e1kazn\u00edk\u016f&#8221;, je zmi\u0148ov\u00e1na v n\u011bkolika m\u00e9di\u00edch.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Spole\u010dnost Capcom byla napadena ransomwarem na zak\u00e1zku od t\u0159et\u00ed strany, co\u017e vedlo k \u00faniku osobn\u00edch \u00fadaj\u016f, kter\u00e9 vlastn\u00ed skupina spole\u010dnost\u00ed. K 16. listopadu mohlo doj\u00edt k \u00faniku informac\u00ed a\u017e o 350 000 z\u00e1kazn\u00edc\u00edch a obchodn\u00edch partnerech. Mohlo tak\u00e9 doj\u00edt k \u00faniku obchodn\u00edch a v\u00fdvojov\u00fdch dokument\u016f.<\/p>\n<cite><a href=\"https:\/\/www.bcnretail.com\/market\/detail\/20201118_200070.html\" target=\"_blank\" rel=\"noreferrer noopener\">Capcom, \u00fanik a\u017e 350 000 osobn\u00edch \u00fadaj\u016f kv\u016fli neopr\u00e1vn\u011bn\u00e9mu p\u0159\u00edstupu. &#8220;Hran\u00ed her nen\u00ed ovlivn\u011bno&#8221; \u2013 BCN+R[ja]<\/a><\/cite><\/blockquote>\n\n\n\n<p>V dob\u011b tiskov\u00e9 zpr\u00e1vy byly v\u0161ak tak\u00e9 zve\u0159ejn\u011bny informace o &#8220;pr\u016fb\u011bhu odhalen\u00ed a reakce&#8221; a &#8220;budouc\u00edch opat\u0159en\u00edch&#8221;, tak\u017ee v\u00fd\u0161e uveden\u00fd \u010dl\u00e1nek kon\u010d\u00ed v\u011btami jako: &#8220;V budoucnu budeme spolupracovat s policejn\u00edmi org\u00e1ny a z\u0159\u00edd\u00edme novou poradn\u00ed organizaci pro syst\u00e9movou bezpe\u010dnost s extern\u00edmi odborn\u00edky, abychom zabr\u00e1nili opakov\u00e1n\u00ed. Uji\u0161\u0165ujeme, \u017ee \u0161kody na u\u017eivatel\u00edch a mimo spole\u010dnost se neroz\u0161\u00ed\u0159\u00ed prost\u0159ednictv\u00edm p\u0159ipojen\u00ed k internetu pro hran\u00ed na\u0161ich her nebo p\u0159\u00edstupu na na\u0161e webov\u00e9 str\u00e1nky. Nav\u00edc vyz\u00fdv\u00e1me u\u017eivatele, u kter\u00fdch mohlo doj\u00edt k \u00faniku osobn\u00edch \u00fadaj\u016f, aby byli opatrn\u00ed, proto\u017ee mohou dost\u00e1vat po\u0161tu, kterou neo\u010dek\u00e1vaj\u00ed, nebo podez\u0159el\u00e9 hovory.&#8221;<\/p>\n\n\n\n<p>V tiskov\u00e9 zpr\u00e1v\u011b po odhalen\u00ed \u00faniku osobn\u00edch \u00fadaj\u016f je d\u016fle\u017eit\u00e9 zve\u0159ejnit informace, kter\u00e9 jsou do ur\u010dit\u00e9 m\u00edry sestaveny, v\u010detn\u011b &#8220;pr\u016fb\u011bhu odhalen\u00ed a reakce&#8221; a &#8220;budouc\u00edch opat\u0159en\u00ed&#8221;.<\/p>\n\n\n\n<p>A v dob\u011b, kdy je odhalen \u00fanik osobn\u00edch \u00fadaj\u016f,<\/p>\n\n\n\n<ul>\n<li>velk\u00e9 softwarov\u00e9 spole\u010dnosti<\/li>\n\n\n\n<li>velk\u00e9 bezpe\u010dnostn\u00ed specialisty<\/li>\n\n\n\n<li>extern\u00ed pr\u00e1vn\u00edci se znalostmi v oblasti kybernetick\u00e9 bezpe\u010dnosti<\/li>\n<\/ul>\n\n\n\n<p>je d\u016fle\u017eit\u00e9 sestavit t\u00fdm odborn\u00edk\u016f a paraleln\u011b s \u010dist\u011b IT opat\u0159en\u00edmi, jako je vy\u0161et\u0159ov\u00e1n\u00ed p\u0159\u00ed\u010din, prov\u00e1d\u011bt tak\u00e9 komunikaci s posti\u017een\u00fdmi z\u00e1kazn\u00edky a krizovou komunikaci.<\/p>\n\n\n\n<p>Nav\u00edc, v p\u0159\u00edpad\u011b ve\u0159ejn\u011b obchodovan\u00fdch spole\u010dnost\u00ed je jako sou\u010d\u00e1st t\u00e9to krizov\u00e9 komunikace tak\u00e9 nutn\u00e9 vysv\u011btlen\u00ed akcion\u00e1\u0159\u016fm.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Moznost_uniku_informaci_o_uchazecich_o_zamestnani\"><\/span>Mo\u017enost \u00faniku informac\u00ed o uchaze\u010d\u00edch o zam\u011bstn\u00e1n\u00ed<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/05\/capcom-information-leakage-crisis-management2.jpg\" alt=\"\" class=\"wp-image-33053\" \/><\/figure>\n\n\n\n<p>Ve ve\u0159ejn\u00e9m tiskov\u00e9m prohl\u00e1\u0161en\u00ed \u201eMo\u017en\u00fd \u00fanik informac\u00ed\u201c a \u201eOsobn\u00ed \u00fadaje (z\u00e1kazn\u00edci, obchodn\u00ed partne\u0159i atd.) a\u017e 350 tis\u00edc polo\u017eek\u201c byla tak\u00e9 polo\u017eka \u201eInformace o uchaze\u010d\u00edch o zam\u011bstn\u00e1n\u00ed (p\u0159ibli\u017en\u011b 125 tis\u00edc polo\u017eek)\u201c. V souvislosti s t\u00edm, \u017ee Capcom uvedl na sv\u00e9m vlastn\u00edm webu pro n\u00e1bor, \u017ee provede likvidaci, se na soci\u00e1ln\u00edch s\u00edt\u00edch objevily ot\u00e1zky.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Capcom uvedl na sv\u00e9m vlastn\u00edm webu pro n\u00e1bor, \u017ee \u201edokumenty uchaze\u010d\u016f, kte\u0159\u00ed nebyli p\u0159ijati nebo kte\u0159\u00ed odm\u00edtli nab\u00eddku, budou po v\u00fdb\u011brov\u00e9m \u0159\u00edzen\u00ed zodpov\u011bdn\u011b zni\u010deny\u201c. Na Twitteru se objevily ot\u00e1zky t\u00fdkaj\u00edc\u00ed se toho, \u017ee osobn\u00ed \u00fadaje, kter\u00e9 m\u011bly b\u00fdt zni\u010deny, nebyly zni\u010deny. Capcom se omluvil a vysv\u011btlil, \u017ee \u201edigitalizovali \u017eivotopisy uchaze\u010d\u016f a uchov\u00e1vali je po ur\u010ditou dobu\u201c. Omluvili se za to, \u017ee \u201enebylo zm\u00edn\u011bno o digitalizaci a v\u00fdraz byl nedostate\u010dn\u00fd, co\u017e vedlo k nedorozum\u011bn\u00ed\u201c. Co se t\u00fd\u010de d\u016fvod\u016f pro uchov\u00e1v\u00e1n\u00ed, vysv\u011btlili, \u017ee \u201en\u011bkte\u0159\u00ed uchaze\u010di se uch\u00e1zej\u00ed v\u00edcekr\u00e1t. Bylo to pro hladk\u00e9 ov\u011b\u0159en\u00ed minul\u00fdch z\u00e1znam\u016f o p\u0159ihl\u00e1\u0161k\u00e1ch\u201c. Na ot\u00e1zku, zda byla data v\u0161ech uchaze\u010d\u016f uchov\u00e1v\u00e1na, odpov\u011bd\u011bli, \u017ee \u201ev sou\u010dasn\u00e9 dob\u011b to nen\u00ed jasn\u00e9\u201c.<\/p>\n<cite><a href=\"https:\/\/www.itmedia.co.jp\/news\/articles\/2011\/20\/news141.html\" target=\"_blank\" rel=\"noreferrer noopener\">Capcom, nezni\u010dil dokumenty ne\u00fasp\u011b\u0161n\u00fdch uchaze\u010d\u016f. Na str\u00e1nce pro n\u00e1bor bylo uvedeno \u201ezodpov\u011bdn\u011b zni\u010d\u00edme\u201c, ale mo\u017en\u00fd \u00fanik informac\u00ed v d\u016fsledku kybernetick\u00e9ho \u00fatoku &#8211; ITmedia NEWS[ja]<\/a> <\/cite><\/blockquote>\n\n\n\n<p>Nen\u00ed jasn\u00e9, zda Capcom p\u0159edpov\u011bd\u011bl tyto ot\u00e1zky, ale pokud by informace, kter\u00e9 by nem\u011bly existovat (a je do ur\u010dit\u00e9 m\u00edry pochopiteln\u00e9, \u017ee se tak domn\u00edvaj\u00ed), existovaly uvnit\u0159 spole\u010dnosti a mohly by uniknout, bylo by lep\u0161\u00ed vyd\u00e1vat tiskov\u00e1 prohl\u00e1\u0161en\u00ed po p\u0159edchoz\u00edm zv\u00e1\u017een\u00ed tohoto probl\u00e9mu.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Zahajeni_Bezpecnostniho_dozorciho_vyboru_vcetne_pravniku\"><\/span>Zah\u00e1jen\u00ed Bezpe\u010dnostn\u00edho dozor\u010d\u00edho v\u00fdboru v\u010detn\u011b pr\u00e1vn\u00edk\u016f<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/05\/capcom-information-leakage-crisis-management3.jpg\" alt=\"\" class=\"wp-image-33054\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Zverejneni_treti_tiskove_zpravy\"><\/span>Zve\u0159ejn\u011bn\u00ed t\u0159et\u00ed tiskov\u00e9 zpr\u00e1vy<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Capcom d\u00e1le ozn\u00e1mil, \u017ee 21. prosince (2020) uspo\u0159\u00e1dal p\u0159\u00edpravnou sch\u016fzku pro zah\u00e1jen\u00ed &#8220;Bezpe\u010dnostn\u00edho dozor\u010d\u00edho v\u00fdboru&#8221; jako poradn\u00ed organizace pro syst\u00e9movou bezpe\u010dnost pod veden\u00edm extern\u00edch odborn\u00edk\u016f.<\/p>\n\n\n\n<p>N\u00e1sleduj\u00edc\u00edho roku, 12. ledna 2021, byla zve\u0159ejn\u011bna t\u0159et\u00ed tiskov\u00e1 zpr\u00e1va s n\u00e1zvem &#8220;Ozn\u00e1men\u00ed a omluva za \u00fanik informac\u00ed zp\u016fsoben\u00fd neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem (t\u0159et\u00ed zpr\u00e1va)&#8221;,<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Bylo potvrzeno, \u017ee do\u0161lo k \u00faniku dal\u0161\u00edch 16 406 osob, co\u017e zvy\u0161uje celkov\u00fd po\u010det na 16 415 osob od vypuknut\u00ed t\u00e9to ud\u00e1losti. D\u00e1le bylo zji\u0161t\u011bno, \u017ee maxim\u00e1ln\u00ed po\u010det osobn\u00edch informac\u00ed z\u00e1kazn\u00edk\u016f a obchodn\u00edch partner\u016f mimo spole\u010dnost, kter\u00e9 mohly uniknout, je p\u0159ibli\u017en\u011b 390 000 (zv\u00fd\u0161en\u00ed o p\u0159ibli\u017en\u011b 40 000 od posledn\u00edho ozn\u00e1men\u00ed).<\/p>\n<\/blockquote>\n\n\n\n<p>Informace byly aktualizov\u00e1ny v souladu s pr\u016fb\u011bhem vy\u0161et\u0159ov\u00e1n\u00ed. Krom\u011b toho, \u017ee nebyly unikl\u00e9 informace o kreditn\u00edch kart\u00e1ch,<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Internetov\u00e9 p\u0159ipojen\u00ed a n\u00e1kupy pot\u0159ebn\u00e9 pro hran\u00ed na\u0161ich her nevyu\u017e\u00edvaj\u00ed syst\u00e9m, kter\u00fd byl napaden tentokr\u00e1t, ale vyu\u017e\u00edvaj\u00ed extern\u00ed outsourcing nebo samostatn\u00fd extern\u00ed server, co\u017e plat\u00ed i nyn\u00ed. Proto neexistuje \u017e\u00e1dn\u00e1 souvislost mezi internetov\u00fdm p\u0159ipojen\u00edm a n\u00e1kupy pot\u0159ebn\u00fdmi pro hran\u00ed na\u0161ich her a t\u00edmto kybernetick\u00fdm \u00fatokem na n\u00e1\u0161 syst\u00e9m, a z\u00e1kazn\u00edci nebudou po\u0161kozeni.<\/p>\n<cite><a href=\"https:\/\/www.capcom.co.jp\/ir\/news\/html\/210112.html\" target=\"_blank\" rel=\"noreferrer noopener\">Ozn\u00e1men\u00ed a omluva za \u00fanik informac\u00ed zp\u016fsoben\u00fd neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem (t\u0159et\u00ed zpr\u00e1va) | Capcom Co., Ltd. [ja]<\/a><\/cite><\/blockquote>\n\n\n\n<p>Toto bylo tak\u00e9 uvedeno.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"O_moznosti_uniku_osobnich_udaju_uchazecu_o_zamestnani\"><\/span>O mo\u017enosti \u00faniku osobn\u00edch \u00fadaj\u016f uchaze\u010d\u016f o zam\u011bstn\u00e1n\u00ed<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Krom\u011b toho byla v t\u00e9to dob\u011b zve\u0159ejn\u011bna mo\u017enost \u00faniku &#8220;informac\u00ed, u kter\u00fdch byla nov\u011b potvrzena mo\u017enost \u00faniku&#8221;, konkr\u00e9tn\u011b &#8220;jm\u00e9na, adresy, telefonn\u00ed \u010d\u00edsla, e-mailov\u00e9 adresy atd. jedn\u00e9 nebo v\u00edce osob&#8221; z osobn\u00edch \u00fadaj\u016f &#8220;p\u0159ibli\u017en\u011b 58 000 uchaze\u010d\u016f o zam\u011bstn\u00e1n\u00ed&#8221; uveden\u00fdch v\u00fd\u0161e.<br><\/p>\n\n\n\n<p>Co se t\u00fd\u010de tohoto bodu,<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>V listopadu bylo zji\u0161t\u011bno, \u017ee informace o uchaze\u010d\u00edch nebyly zni\u010deny, ale byly uchov\u00e1v\u00e1ny i po v\u00fdb\u011brov\u00e9m \u0159\u00edzen\u00ed v souvislosti s kybernetick\u00fdm \u00fatokem na spole\u010dnost. Na str\u00e1nce &#8220;Ochrana osobn\u00edch \u00fadaj\u016f&#8221; na str\u00e1nce pro zam\u011bstn\u00e1n\u00ed bylo p\u016fvodn\u011b uvedeno, \u017ee &#8220;po v\u00fdb\u011brov\u00e9m \u0159\u00edzen\u00ed budou informace zni\u010deny pod na\u0161\u00ed odpov\u011bdnost\u00ed&#8221;. Pot\u00e9 byla v prosinci 2020 p\u0159id\u00e1na formulace &#8220;Vzhledem k tomu, \u017ee p\u0159ij\u00edm\u00e1me opakovan\u00e9 \u017e\u00e1dosti, m\u016f\u017ee se st\u00e1t, \u017ee budeme uchov\u00e1vat digitalizovan\u00e9 verze pap\u00edrov\u00fdch dokument\u016f, kter\u00e9 jsme obdr\u017eeli, pro \u00fa\u010dely jako je hladk\u00e9 ov\u011b\u0159ov\u00e1n\u00ed p\u0159edchoz\u00edch \u017e\u00e1dost\u00ed&#8221;. Podle spole\u010dnosti &#8220;osobn\u00ed \u00fadaje uchaze\u010d\u016f jsou st\u00e1le uchov\u00e1v\u00e1ny v intern\u00edm syst\u00e9mu a provoz se od doby p\u0159ed neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem t\u00e9m\u011b\u0159 nezm\u011bnil.<\/p>\n<cite><a href=\"https:\/\/www.itmedia.co.jp\/news\/articles\/2101\/13\/news075.html\" target=\"_blank\" rel=\"noreferrer noopener\">Capcom potvrdil \u00fanik osobn\u00edch \u00fadaj\u016f 16 000 lid\u00ed, nov\u011b odhalil mo\u017enost \u00faniku dal\u0161\u00edch 58 000 osob v d\u016fsledku kybernetick\u00e9ho \u00fatoku v listopadu 2020 &#8211; ITmedia NEWS[ja]<\/a> <\/cite><\/blockquote>\n\n\n\n<p>Toto bylo ozn\u00e1meno.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Krizova_komunikace_na_zaklade_vysledku_pruzkumu\"><\/span>Krizov\u00e1 komunikace na z\u00e1klad\u011b v\u00fdsledk\u016f pr\u016fzkumu<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Publikace_ctvrte_tiskove_zpravy\"><\/span>Publikace \u010dtvrt\u00e9 tiskov\u00e9 zpr\u00e1vy<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Pot\u00e9 Capcom uspo\u0159\u00e1dal prvn\u00ed sch\u016fzi Bezpe\u010dnostn\u00edho dozor\u010d\u00edho v\u00fdboru dne 18. ledna, druhou sch\u016fzi dne 25. \u00fanora a t\u0159et\u00ed sch\u016fzi dne 26. b\u0159ezna, p\u0159i\u010dem\u017e konal sch\u016fze Bezpe\u010dnostn\u00edho dozor\u010d\u00edho v\u00fdboru jednou m\u011bs\u00ed\u010dn\u011b. D\u00e1le dne 31. b\u0159ezna p\u0159ijal zpr\u00e1vu od p\u0159edn\u00ed spole\u010dnosti specializuj\u00edc\u00ed se na bezpe\u010dnost a zpr\u00e1vu od p\u0159edn\u00ed softwarov\u00e9 spole\u010dnosti.<\/p>\n\n\n\n<p>V reakci na tyto ud\u00e1losti Capcom dne 13. dubna zve\u0159ejnil \u010dtvrtou tiskovou zpr\u00e1vu s n\u00e1zvem &#8220;Zpr\u00e1va o v\u00fdsledc\u00edch vy\u0161et\u0159ov\u00e1n\u00ed neopr\u00e1vn\u011bn\u00e9ho p\u0159\u00edstupu (\u010dtvrt\u00e1 zpr\u00e1va)&#8221;.<\/p>\n\n\n\n<p>V t\u00e9to zpr\u00e1v\u011b pod\u00e1v\u00e1 podrobn\u00fd technick\u00fd popis, kter\u00fd se zd\u00e1 b\u00fdt zalo\u017een na v\u00fd\u0161e uveden\u00fdch zpr\u00e1v\u00e1ch, v\u010detn\u011b &#8220;Podrobnost\u00ed o reakci&#8221;, &#8220;P\u0159\u00ed\u010din a rozsahu \u0161kody&#8221; a &#8220;Opat\u0159en\u00ed pro pos\u00edlen\u00ed bezpe\u010dnosti k zabr\u00e1n\u011bn\u00ed opakov\u00e1n\u00ed&#8221;. Krom\u011b toho uv\u00e1d\u00ed, \u017ee mezi organiza\u010dn\u00edmi opat\u0159en\u00edmi zalo\u017eil Bezpe\u010dnostn\u00ed dozor\u010d\u00ed v\u00fdbor, kter\u00fd zahrnuje jednoho pr\u00e1vn\u00edka, odborn\u00edka na kybernetickou bezpe\u010dnost a japonsk\u00e9 z\u00e1kony o ochran\u011b osobn\u00edch \u00fadaj\u016f.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Zpravy_a_reakce_na_vykupne\"><\/span>Zpr\u00e1vy a reakce na v\u00fdkupn\u00e9<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/05\/capcom-information-leakage-crisis-management4.jpg\" alt=\"\" class=\"wp-image-33055\" \/><\/figure>\n\n\n\n<p>Dne 1. b\u0159ezna, v pr\u016fb\u011bhu v\u00fd\u0161e uveden\u00e9ho obdob\u00ed, bylo ozn\u00e1meno, \u017ee kybernetick\u00e1 zlo\u010dineck\u00e1 skupina &#8220;Ragnar Locker&#8221; po\u017eadovala od spole\u010dnosti Capcom v\u00fdkupn\u00e9 ve v\u00fd\u0161i p\u0159ibli\u017en\u011b 1,15 miliardy jen\u016f.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Kybernetick\u00e1 zlo\u010dineck\u00e1 skupina &#8220;Ragnar Locker&#8221; zve\u0159ejnila na sv\u00fdch webov\u00fdch str\u00e1nk\u00e1ch soubory, kter\u00e9 tvrd\u00ed, \u017ee ukradla od spole\u010dnost\u00ed, a po\u017eadovala 11 milion\u016f dolar\u016f (p\u0159ibli\u017en\u011b 1,15 miliardy jen\u016f) jako v\u00fdkupn\u00e9. Capcom v\u0161ak v sou\u010dasn\u00e9 dob\u011b odm\u00edt\u00e1 platit.<\/p>\n<cite><a href=\"https:\/\/diamond.jp\/articles\/-\/263660\" target=\"_blank\" rel=\"noreferrer noopener\">Capcom odm\u00edt\u00e1 zaplatit 1,15 miliardy jen\u016f! D\u016fvody, pro\u010d by se nem\u011blo platit v\u00fdkupn\u00e9 i p\u0159i \u00fatoc\u00edch ransomware | Zabezpe\u010den\u00ed v dob\u011b pr\u00e1ce z domova | Diamond Online[ja]<\/a> <\/cite><\/blockquote>\n\n\n\n<p>V reakci na to, ve \u010dtvrt\u00e9 tiskov\u00e9 zpr\u00e1v\u011b uvedli o v\u00fdkupn\u00e9m:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>O pov\u011bdom\u00ed o v\u00fd\u0161i v\u00fdkupn\u00e9ho<br>Na za\u0159\u00edzen\u00edch infikovan\u00fdch ransomwarem byly ponech\u00e1ny zpr\u00e1vy od \u00fato\u010dn\u00edk\u016f a je pravda, \u017ee jsme byli po\u017e\u00e1d\u00e1ni o kontakt pro vyjedn\u00e1v\u00e1n\u00ed s \u00fato\u010dn\u00edky. Av\u0161ak v t\u011bchto souborech nebyla uvedena \u017e\u00e1dn\u00e1 \u010d\u00e1stka v\u00fdkupn\u00e9ho. Jak jsme ji\u017e d\u0159\u00edve ozn\u00e1mili, po konzultaci s polici\u00ed jsme se rozhodli nevyjedn\u00e1vat s \u00fato\u010dn\u00edky, a proto jsme v\u016fbec nekontaktovali (viz tiskov\u00e1 zpr\u00e1va ze dne 16. listopadu 2020), a tak nezn\u00e1me \u010d\u00e1stku.<\/p>\n<cite><a href=\"https:\/\/www.capcom.co.jp\/ir\/news\/html\/210413.html\" target=\"_blank\" rel=\"noreferrer noopener\">Zpr\u00e1va o v\u00fdsledc\u00edch vy\u0161et\u0159ov\u00e1n\u00ed neopr\u00e1vn\u011bn\u00e9ho p\u0159\u00edstupu\u30104. zpr\u00e1va\u3011 | Capcom Co., Ltd.[ja]<\/a> <\/cite><\/blockquote>\n\n\n\n<p>Vydali prohl\u00e1\u0161en\u00ed. To je pravd\u011bpodobn\u011b reakce na skute\u010dnost, \u017ee v d\u016fsledku v\u00fd\u0161e uveden\u00fdch zpr\u00e1v byla uvedena konkr\u00e9tn\u00ed \u010d\u00e1stka &#8220;1,15 miliardy jen\u016f&#8221;.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Vydani_na_souvisejicich_webovych_strankach_atd\"><\/span>Vyd\u00e1n\u00ed na souvisej\u00edc\u00edch webov\u00fdch str\u00e1nk\u00e1ch atd.<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>D\u00e1le Capcom ozn\u00e1mil na sv\u00fdch webov\u00fdch str\u00e1nk\u00e1ch, kter\u00e9 nejsou jejich korpor\u00e1tn\u00edmi str\u00e1nkami, jako je &#8220;CAPCOM: Shadaloo Fighter Research Institute&#8221; (web souvisej\u00edc\u00ed se Street Fighter 5) a &#8220;CAPCOM ONLINE GAMES&#8221;,<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>\u3010Pokra\u010dov\u00e1n\u00ed zpr\u00e1v\u3011Ozn\u00e1men\u00ed o poru\u0161e skupinov\u00e9ho syst\u00e9mu<br>D\u011bkujeme v\u00e1m za pravideln\u00e9 vyu\u017e\u00edv\u00e1n\u00ed &#8220;Capcom Online Games (COG)&#8221;. Zve\u0159ejnili jsme nejnov\u011bj\u0161\u00ed informace o poru\u0161e syst\u00e9mu zp\u016fsoben\u00e9 neopr\u00e1vn\u011bn\u00fdm p\u0159\u00edstupem t\u0159et\u00ed strany do na\u0161eho skupinov\u00e9ho syst\u00e9mu od ran\u00fdch rann\u00edch hodin 2. listopadu 2020. Podrobnosti naleznete zde.<\/p>\n<cite>Podrobnosti ozn\u00e1men\u00ed | Capcom Online Games<\/cite><\/blockquote>\n\n\n\n<p>Str\u00e1nky jako tyto byly zve\u0159ejn\u011bny.<\/p>\n\n\n\n<p>Jak bylo zji\u0161t\u011bno v ran\u00e9 f\u00e1zi, tento \u00fanik informac\u00ed byl zp\u016fsoben &#8220;extern\u00edm outsourcingem nebo samostatn\u00fdm vyu\u017eit\u00edm extern\u00edho serveru&#8221;, a &#8220;nen\u00ed \u017e\u00e1dn\u00e1 souvislost mezi kybernetick\u00fdm \u00fatokem na n\u00e1\u0161 syst\u00e9m tentokr\u00e1t a p\u0159ipojen\u00edm k internetu nebo n\u00e1kupem ke hran\u00ed hry, a nebude to m\u00edt \u017e\u00e1dn\u00fd dopad na z\u00e1kazn\u00edky&#8221;,<\/p>\n\n\n\n<p>Je pravd\u011bpodobn\u00e9, \u017ee v\u00fdsledky vy\u0161et\u0159ov\u00e1n\u00ed byly ozn\u00e1meny v tomto okam\u017eiku, aby se u\u017eivatel\u016fm nezp\u016fsobovaly obavy a podobn\u011b, a bylo znovu ozn\u00e1meno na ka\u017ed\u00e9 str\u00e1nce.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Shrnuti\"><\/span>Shrnut\u00ed<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Jak jsme vid\u011bli, v p\u0159\u00edpad\u011b rozs\u00e1hl\u00e9ho \u00faniku osobn\u00edch \u00fadaj\u016f je d\u016fle\u017eit\u00e9:<\/p>\n\n\n\n<ul>\n<li>Okam\u017eit\u011b nahl\u00e1sit incident policii<\/li>\n\n\n\n<li>Z\u0159\u00eddit syst\u00e9m pro hl\u00e1\u0161en\u00ed situace a z\u00edsk\u00e1n\u00ed pokyn\u016f a rad od extern\u00edch pr\u00e1vn\u00edk\u016f s hlubok\u00fdmi znalostmi v oblasti kybernetick\u00e9 bezpe\u010dnosti<\/li>\n\n\n\n<li>\u0158\u00edzen\u00ed krizov\u00e9 komunikace t\u00fdmem uveden\u00fdm v\u00fd\u0161e<\/li>\n<\/ul>\n\n\n\n<p>A jakmile je k dispozici ur\u010dit\u00e9 mno\u017estv\u00ed informac\u00ed, je d\u016fle\u017eit\u00e9:<\/p>\n\n\n\n<ul>\n<li>Z\u0159\u00eddit bezpe\u010dnostn\u00ed dozor\u010d\u00ed v\u00fdbor v\u010detn\u011b pr\u00e1vn\u00edk\u016f<\/li>\n<\/ul>\n\n\n\n<p>M\u016f\u017eeme tedy \u0159\u00edci, \u017ee je d\u016fle\u017eit\u00e9 rychle a organizovan\u011b prov\u00e1d\u011bt krizov\u00e9 \u0159\u00edzen\u00ed.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Informa\u010dn\u00ed \u00fanik spole\u010dnosti Capcom, kter\u00fd se stal v listopadu 2020 (v roce Reiwa 2), byl zp\u016fsoben ransomwarem na zak\u00e1zku a mohlo doj\u00edt k \u00faniku a\u017e 390 000 osobn\u00edch \u00fadaj\u016f. Samoz\u0159ejm\u011b je lep\u0161\u00ed, kdy\u017e inci [&hellip;]<\/p>\n","protected":false},"author":32,"featured_media":63890,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[24,29],"acf":[],"_links":{"self":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts\/61581"}],"collection":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/comments?post=61581"}],"version-history":[{"count":3,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts\/61581\/revisions"}],"predecessor-version":[{"id":63892,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts\/61581\/revisions\/63892"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/media\/63890"}],"wp:attachment":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/media?parent=61581"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/categories?post=61581"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/tags?post=61581"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}